Skip to main content
POST
/
v1
/
domain
/
third-party-risk
Third-party services co-present on infected machines
curl --request POST \
  --url https://api.vantaprism.me/v1/domain/third-party-risk \
  --header 'Content-Type: application/json' \
  --header 'api-key: <api-key>' \
  --data '
{
  "domains": [
    "acme-corp.com"
  ],
  "limit": 25
}
'
{
  "data": [
    {
      "third_party_domain": "<string>",
      "shared_victim_count": 123,
      "credential_count": 123
    }
  ],
  "meta": {
    "request_id": "req_01HZXK3Q7N8YV6F3M2P9JABCDE",
    "took_ms": 42.7,
    "tier": "pro",
    "masked_fields": [
      "password",
      "ip"
    ],
    "freshness_at": "2023-11-07T05:31:56Z"
  }
}

Authorizations

api-key
string
header
required

Static API key, format vp_<env>_<8-hex-prefix>.<40-hex-secret>. Preferred header for server-to-server integrations.

Body

application/json
domains
string[]
required
Minimum array length: 1
start_date
string<date-time> | null
end_date
string<date-time> | null
limit
integer
default:25
Required range: 1 <= x <= 25

Response

Third-party risk data

data
object[]
required
meta
object
required

Metadata attached to every successful response.